×
HP Finds Malware Attack Likely Built With Generative AI
Written by
Published on
Join our daily newsletter for breaking news, product launches and deals, research breakdowns, and other industry-leading AI coverage
Join Now

AI-assisted malware attack targets French users: HP’s Wolf Security researchers have uncovered a malicious email campaign likely developed with the help of generative AI, raising concerns about the evolving landscape of cybersecurity threats.

  • In June, HP’s anti-phishing system, Sure Click, flagged an unusual email attachment targeting French language users.
  • The attachment contained an HTML file that, when accessed with the correct password, revealed a ZIP archive containing AsyncRAT malware.
  • AsyncRAT is an open-source remote access tool that can be misused to control victims’ computers remotely.

Unusual code characteristics raise suspicions: The malicious code found in the email attachment exhibited atypical features that led researchers to believe it was created using generative AI.

  • Unlike typical malware, the JavaScript and ZIP archive code were not obfuscated, making them easily readable.
  • The code contained detailed comments describing the function of each line, which is rare in malware as attackers usually aim to make their code difficult to understand.
  • The structure, consistent comments, and choice of function names and variables strongly suggest the involvement of generative AI in developing the scripts.

Broader implications for cybersecurity: This discovery highlights the potential for generative AI to lower the barrier to entry for cybercriminals and reshape the threat landscape.

  • Other companies, including OpenAI and Microsoft, have also observed state-sponsored hackers using generative AI to refine phishing attacks and conduct research.
  • In April, cybersecurity provider ProofPoint identified another case where hackers possibly used generative AI to develop a PowerShell script for malware delivery.
  • HP security researcher Patrick Schläpfer emphasized the significance of this finding, noting that while speculation about AI use by attackers is widespread, concrete evidence has been scarce.

Industry perspectives on AI-assisted attacks: While some experts see this as a significant development, others remain cautious about attributing attacks to AI definitively.

  • HP’s report suggests that generative AI could potentially “lower the bar” for cybercriminals to spread malware.
  • However, Google’s VirusTotal is more skeptical, with researcher Vicente Diaz pointing out the difficulty in distinguishing between code copied from various sources and that generated by AI.
  • This uncertainty highlights the challenges in accurately identifying and attributing AI-assisted cyberattacks.

Analyzing deeper: The double-edged sword of AI in cybersecurity: While the use of generative AI in malware development raises concerns, it also presents opportunities for improving cyber defenses and detection mechanisms.

  • As attackers potentially leverage AI to create more sophisticated threats, cybersecurity professionals may need to adapt their strategies and tools to keep pace.
  • The incident underscores the importance of continued research and collaboration within the cybersecurity community to understand and mitigate AI-assisted threats.
  • Moving forward, balancing the benefits of AI in cybersecurity with its potential misuse will likely become an increasingly critical challenge for industry professionals and policymakers alike.
HP Spots a Malware Attack That Was Likely Built With Generative AI

Recent News

Vivo unveils AI-powered FunTouch OS 15 upgrades

The Chinese smartphone maker introduces eight new AI tools for photo editing, language translation, and note-taking that mirror features previously exclusive to Google Pixel devices.

Microsoft’s AI-generated ad goes unnoticed by viewers

Microsoft's Surface ad used AI for 90% time and cost savings, blending synthetic and traditional footage without viewers detecting the difference.

Nvidia launches NeMo to simplify AI agent creation

The microservices framework enables enterprises to build self-improving AI agents that integrate with business systems and continuously learn from organizational data.